More
    HomeMobile EuropeApp-ocalypse diverted? The operator role in mobile app security

    App-ocalypse diverted? The operator role in mobile app security

    -

    “The possibility of the mobile ecosystem becoming as unsafe as the internet threatens to become a reality unless consumers and operators alike take up their respective role in the fight against messaging abuse,” says Alan Ranger, vice president of mobile marketing at Cloudmark.

    In this guest post for Mobile Europe, Ranger discusses the increase in mobile security threats to consumers, and says that both operators and consumers have their roles to play in combatting them.

    App-ocalypse now
    Spam and phishing attacks via smartphones are already well-documented, and recent news in the UK has cast a spotlight on the type of spam and phishing attacks that consumers have recently fallen victim to.

    Examples include fake insurance claims and unsolicited pharmaceutical discounts to name but two. Not only is the deluge of mobile spam becoming increasingly harder to bear, but now hacking and viruses are also beginning to rise in frequency. Recently, Trojan, spyware and malware threats are being detected at an alarming rate and increasing across a number of platforms.

    Such instances are relatively low in comparison to desktop PC attacks. However, a lack of awareness and the fact that the implementation of safeguards on mobile devices has not been considered a priority by many users, suggests that the mobile platform will continue to be a target for hackers. Whereas consumers are cognisant about email spam and malware on their computers, mobile users have an inherent trust in their devices, putting them in a precarious position and making them even more susceptible to attack.

    The threat
    Recent pilot results from the GSMA Spam Reporting Service (SRS), powered by Cloudmark, highlighted the growing prevalence of mobile spam and the risks it poses to end-users. According to these findings, 70 per cent of subscribers’ reports of messaging abuse were acts of attempted financial fraud, reinforcing why mobile security has come into such sharp focus.

    The most recent and worrying threat on the mobile security horizon is the ‘rogue’ app – a nasty mobile application dressed up as a legitimate app that aims to siphon off your cash or access personal information. There have already been instances of mobile apps infected with rootkits making their way into the Android Market earlier this year, and security experts expect this to continue. Recent news in the UK media this month alone has reported malicious apps, disguised as productivity apps or e-book readers that are causing further problems for consumers. With the smartphone
    user unaware of what they are downloading in such instances, these smartphone applications are extremely dangerous in that they are able to access and compromise a significant amount of personal data stored and entered on mobile devices.

    Consumers’ own role
    So, what can be done to help consumers avoid falling into the scam trap? The consumer needs to exercise caution and common sense when it comes to the websites they access and the information they share and download on their mobile device. With the wealth of information on security available online, consumers should arm themselves with the necessary knowledge and where possible, report any suspicious activity. They can also consult their carrier’s website or support line to see if there is a means (such as a short code) for reporting unsolicited SMS and MMS messages (mobile spam). By taking note of the security industry’s warnings, consumers will be able to more quickly identify specific smartphone threats. As a general rule of thumb, consumers should be as cautious on their mobile devices as they have been trained to be on their desktop computer.

    If in doubt of an application or a received message, don’t download, open or respond. Apps should only be downloaded from reputable app stores. By becoming familiar with your preferred app store’s policies, how they bring apps from the developer to the end-user and how apps are monitored, consumers can protect themselves from unknowingly downloading malicious malware onto their device.

    The operator role
    The operator also has a vital role to play in the fight against mobile messaging abuse. By regularly assessing their network and ensuring they are confident in the security measures they have implemented to protect their customers, operators can continue to allow consumers to take full advantage of the increasing number of mobile services made available to them. Operators also need to make sure that consumers are informed of any expected threats to their devices and where possible, set up easy reporting methods so that consumers can alert their provider of any abuse occurring on the mobile platform.

    Consumer vigilance, put alongside industry-wide efforts to tighten up security in the smartphone/tablet ecosystem, will play an important part in making the mobile channel more secure, so the productivity and efficiency benefits upon which we are becoming so reliant can continue to be enjoyed. With mobile becoming a primary gateway to data access, threats directed at this channel will naturally increase.

    Although the potential for operators to drive new revenue streams within the mobile ecosystem is great, it is by no means guaranteed. If operators fail to safeguard the security and trusted status of the mobile device, not only will it affect their bottom-line, but they may also have a security app-ocalypse to deal with.

     

    The possibility of the mobile ecosystem becoming as unsafe as the internet threatens to become a reality unless consumers and operators alike take up their respective role in the fight against messaging abuse.

    About the author: Alan Range is Vice President of Mobile Marketing at Cloudmark